Host Intrusion Prevention for Desktops (HID) 

Managing security and controlling connectivity for the desktops and laptops that your employees use every day can be a real IT headache. Employees can inadvertently introduce worms, spyware, and other threats into your network through their desktops or laptops. The other side of the coin is that desktops are commonly the target of exploits like buffer-overflow attacks. This can compromise your data, put employees at risk, and result in lost productivity.

McAfee® Host Intrusion Prevention monitors and blocks such unwanted activity and makes it easier to keep desktops safe with multiple proven methods—system firewall, signature analysis, and behavioral analysis. And you can manage it all from one centralised console.

With automatic signature updates and zero-day protection, you get advanced vulnerability-shielding capabilities. Patching systems is something you will do less often and less urgently. You’ll also find it easier to comply with legal regulations. With a single agent for host intrusion prevention on your desktops, Host Intrusion Prevention is easy to deploy, easy to configure, and easy to manage.

Our stateful firewall for Microsoft Windows proactively defends and controls your desktops and laptops to combat new threats that anti-virus alone cannot defend against. With connection aware policies you can apply different levels of protection depending on how and where a system connects to the network (wired or wireless). McAfee Host Intrusion Prevention can quarantine and restrict network access to systems if it is found to be out of date or running old policies.

Standalone products have cumbersome unintegrated management platforms, making it difficult to deploy the comprehensive protection you need against today's blended threats. Host Intrusion Prevention integrates into your existing McAfee® ePolicy Orchestrator® management platform, for accurate, scalable, and easy-to-use advanced desktop protection.

Key Features

• Vulnerability shielding Automatic security content updates target specific vulnerabilities; it recognizes unknown exploits and stops them from executing; security content updates do not require system reboots
• Prevents buffer-overflow exploits McAfee Host Intrusion Prevention uses a patented host intrusion technology to prevent buffer-overflow attacks, one of the most common methods of attacking desktops
• Application Blocking Control which specific applications can run—or must never run—on any given computer for an added layer of protection
• Windows firewall protection Apply different security parameters based on how your system connects to the network (wired or wireless) with a stateful firewall for Windows; quarantine noncompliant systems as they attempt to connect to the network and block system ports
• Advanced application protection McAfee Host Intrusion Prevention puts an “envelope” around an application to prevent it from communicating with other applications; this prevents applications from being leveraged in any type of attack

McAfee Suites that include Intrusion Prevention for Desktops (HID)

• Total Protection Enterprise (TEN)
  Desktop, Server, Mail Server and Internet Gateway Antivirus and Antispyware protection, Spam protection on mail server and Desktop Intrusion Prevention
• Total Protection Enterprise Advanced (TEA)
  Desktop, Server, Mail Server and Internet Gateway Antivirus and Antispyware protection, Spam protection on mail server and Desktop Intrusion Prevention - Plus Network Access Control security. 

Alternative Products

Host Intrusion Prevention for Servers (HIS) Adds additional IPS to core business servers.  This product is not aded to any McAfee suites so would be bought as a separate product and can be bought based on the number of servers.